11 SECURING INTERNET MESSAGING Chapter 9
Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES Explain basic concepts of Internet messaging. Describe how to secure mail servers. Describe how to secure mail clients. Describe how to secure instant messaging (IM). Explain basic concepts of Internet messaging. Describe how to secure mail servers. Describe how to secure mail clients. Describe how to secure instant messaging (IM).
Chapter 9: SECURING INTERNET MESSAGING3 UNDERSTANDING INTERNET MESSAGING BASICS is a popular communications medium. is a common target of attackers and hoaxes. security must address servers, clients, and protocols. IM supports real-time interaction. is a popular communications medium. is a common target of attackers and hoaxes. security must address servers, clients, and protocols. IM supports real-time interaction.
Chapter 9: SECURING INTERNET MESSAGING4 TYPES OF MESSAGING Standardized protocols Delayed communication IM Few standards Real-time communication List of online partners Standardized protocols Delayed communication IM Few standards Real-time communication List of online partners
Chapter 9: SECURING INTERNET MESSAGING5 PROCESSING Store and forward mechanism DNS Mail Exchanger (MX) records American Standard Code for Information Interchange (ASCII) format Multipurpose Internet Mail Extensions (MIME) encoding Store and forward mechanism DNS Mail Exchanger (MX) records American Standard Code for Information Interchange (ASCII) format Multipurpose Internet Mail Extensions (MIME) encoding
Chapter 9: SECURING INTERNET MESSAGING6 STORE AND FORWARD
Chapter 9: SECURING INTERNET MESSAGING7 HEADER Sender and receiver addresses MIME attachments client software servers Clear text, unencrypted Sender and receiver addresses MIME attachments client software servers Clear text, unencrypted
Chapter 9: SECURING INTERNET MESSAGING8 PROTOCOLS Simple Mail Transfer Protocol (SMTP) Post Office Protocol (POP) Internet Message Access Protocol (IMAP) Simple Mail Transfer Protocol (SMTP) Post Office Protocol (POP) Internet Message Access Protocol (IMAP)
Chapter 9: SECURING INTERNET MESSAGING9 HOW SERVERS SEND AND RECEIVE MESSAGES
Chapter 9: SECURING INTERNET MESSAGING10 NATIVE SECURITY No encryption Easily intercepted No authentication Easily forged or spoofed No encryption Easily intercepted No authentication Easily forged or spoofed
Chapter 9: SECURING INTERNET MESSAGING11 SPAM Spam can be either unsolicited commercial (UCE) or unwanted noncommercial . More than half of all on the Internet is spam. Spam wastes significant online resources. Filters and blacklists reduce spam. Spam can be either unsolicited commercial (UCE) or unwanted noncommercial . More than half of all on the Internet is spam. Spam wastes significant online resources. Filters and blacklists reduce spam.
Chapter 9: SECURING INTERNET MESSAGING12 REDUCING SPAM Never respond to spam. Don’t post your address on your Web site. Use a secondary address in newsgroups. Don’t provide your address online without knowing how it will be used. Use a spam filter. Never buy anything advertised in spam. Never respond to spam. Don’t post your address on your Web site. Use a secondary address in newsgroups. Don’t provide your address online without knowing how it will be used. Use a spam filter. Never buy anything advertised in spam.
Chapter 9: SECURING INTERNET MESSAGING13 SCAMS The purpose of a scam is to defraud rather than sell a product. Education is the best defense. Create a policy to control the release of sensitive information. The purpose of a scam is to defraud rather than sell a product. Education is the best defense. Create a policy to control the release of sensitive information.
Chapter 9: SECURING INTERNET MESSAGING14 HOAXES Spread misleading information, often called urban myths Often spread like chain letters Often start with malicious intent Inappropriately use systems Can be minimized by educating users about the proper handling of hoaxes Spread misleading information, often called urban myths Often spread like chain letters Often start with malicious intent Inappropriately use systems Can be minimized by educating users about the proper handling of hoaxes
Chapter 9: SECURING INTERNET MESSAGING15 SERVER VULNERABILITIES Data theft or tampering Denial of service (DoS) Spam, scams, and hoaxes Spoofing Mail relay viruses Data theft or tampering Denial of service (DoS) Spam, scams, and hoaxes Spoofing Mail relay viruses
Chapter 9: SECURING INTERNET MESSAGING16 SECURING SERVERS Remove unnecessary components. Block unused protocols. Disable relaying from unauthenticated connections. Configure an SMTP bridgehead server. Install virus filters and antivirus software. Keep your software updated. Remove unnecessary components. Block unused protocols. Disable relaying from unauthenticated connections. Configure an SMTP bridgehead server. Install virus filters and antivirus software. Keep your software updated.
Chapter 9: SECURING INTERNET MESSAGING17 ACCESS CONTROL When authenticating client access, consider POP and IMAP Proprietary protocols Web-based SMTP When authenticating client access, consider POP and IMAP Proprietary protocols Web-based SMTP
Chapter 9: SECURING INTERNET MESSAGING18 POP AND IMAP POP is used more often than IMAP. Both transmit in clear text. There are several ways to authenticate a POP user, including Secure Password Authentication (SPA) Authenticated Post Office Protocol (APOP) Encrypted transport protocols such as Internet Protocol Security (IPSec) can be used. POP is used more often than IMAP. Both transmit in clear text. There are several ways to authenticate a POP user, including Secure Password Authentication (SPA) Authenticated Post Office Protocol (APOP) Encrypted transport protocols such as Internet Protocol Security (IPSec) can be used.
Chapter 9: SECURING INTERNET MESSAGING19 PROPRIETARY PROTOCOLS Nonstandard protocols Wider range of features Various levels of authentication security Different vulnerabilities Nonstandard protocols Wider range of features Various levels of authentication security Different vulnerabilities
Chapter 9: SECURING INTERNET MESSAGING20 WEB-BASED Allows browser-based access Is more versatile for mobile users Uses strong Web-based authentication Uses Secure Sockets Layer (SSL) or Transport Layer Security (TLS) Allows browser-based access Is more versatile for mobile users Uses strong Web-based authentication Uses Secure Sockets Layer (SSL) or Transport Layer Security (TLS)
Chapter 9: SECURING INTERNET MESSAGING21 SMTP ACCESS CONTROL Allows only authenticated users to send Supports password authentication Limits SMTP access to local POP clients Allows only authenticated users to send Supports password authentication Limits SMTP access to local POP clients
Chapter 9: SECURING INTERNET MESSAGING22 SMTP RELAY SMTP relay forwards incoming messages to another mail server for delivery. Open relays can be hijacked by spammers. SMTP relaying should be limited to internal systems. Limit access to local clients and approved servers to prevent SMTP relay. SMTP relay forwards incoming messages to another mail server for delivery. Open relays can be hijacked by spammers. SMTP relaying should be limited to internal systems. Limit access to local clients and approved servers to prevent SMTP relay.
Chapter 9: SECURING INTERNET MESSAGING23 OPEN RELAYING
Chapter 9: SECURING INTERNET MESSAGING24 MONITORING Monitoring can be a privacy issue. Scan for viruses and malicious code. Scan to prevent disclosure of confidential information. Monitoring can be a privacy issue. Scan for viruses and malicious code. Scan to prevent disclosure of confidential information.
Chapter 9: SECURING INTERNET MESSAGING25 CLIENT VULNERABILITIES Impersonation or spoofing Eavesdropping Hypertext Markup Language (HTML) vulnerabilities Software that has not been updated Viruses and executable programs spread through messages Web-based Impersonation or spoofing Eavesdropping Hypertext Markup Language (HTML) vulnerabilities Software that has not been updated Viruses and executable programs spread through messages Web-based
Chapter 9: SECURING INTERNET MESSAGING26 SECURING MAIL CLIENTS Keep clients updated. Configure security settings on mail servers. Educate users on safe practices. Keep clients updated. Configure security settings on mail servers. Educate users on safe practices.
Chapter 9: SECURING INTERNET MESSAGING27 ENCRYPTION AND SIGNING Encryption provides confidentiality for . There are two ways to secure Pretty Good Privacy (PGP) Secure/Multipurpose Internet Mail Extensions (S/MIME) PGP and S/MIME are based on public key cryptography. Clients must have a certificate issued by a certification authority (CA). Encryption provides confidentiality for . There are two ways to secure Pretty Good Privacy (PGP) Secure/Multipurpose Internet Mail Extensions (S/MIME) PGP and S/MIME are based on public key cryptography. Clients must have a certificate issued by a certification authority (CA).
Chapter 9: SECURING INTERNET MESSAGING28 THREATS TO IM Unencrypted data transfers are prone to eavesdropping. Transferred files might bypass virus scanners. IM has vulnerabilities, such as buffer overflows. Sensitive information might be disclosed. Unencrypted data transfers are prone to eavesdropping. Transferred files might bypass virus scanners. IM has vulnerabilities, such as buffer overflows. Sensitive information might be disclosed.
Chapter 9: SECURING INTERNET MESSAGING29 HOW IM WORKS
Chapter 9: SECURING INTERNET MESSAGING30 IM SECURITY Prohibit the use of IM, if possible. Block IM traffic on network borders. Specify and restrict IM software. Use IM encryption. Define the acceptable use of IM. Prohibit the use of IM, if possible. Block IM traffic on network borders. Specify and restrict IM software. Use IM encryption. Define the acceptable use of IM.
Chapter 9: SECURING INTERNET MESSAGING31 IM SECURITY (CONT.) Train users how to safely use IM. Update virus scanners. Keep IM software updated and patched. Use internal IM servers. Train users how to safely use IM. Update virus scanners. Keep IM software updated and patched. Use internal IM servers.
Chapter 9: SECURING INTERNET MESSAGING32 SUMMARY Secure servers, clients, and the communications between them. Defend your networks against spam and other unwanted . Securing clients includes configuring secure authentication methods. Another important client configuration task is to configure the encryption and signing capabilities of the client software. Secure IM by preventing its use in your organization or by controlling the types of information that can be exchanged by using IM. Secure servers, clients, and the communications between them. Defend your networks against spam and other unwanted . Securing clients includes configuring secure authentication methods. Another important client configuration task is to configure the encryption and signing capabilities of the client software. Secure IM by preventing its use in your organization or by controlling the types of information that can be exchanged by using IM.